Archive for October, 2009

For those of you running firefox 3.0.14 or 3.5.3, please do a check for updates (you will need to do a runas admin for it not to be greyed out) http://secunia.com/advisories/36711/Mozilla Firefox Multiple Vulnerabilities Critical: Highly critical Impact: Security BypassManipulation of dataExposure of sensitive informationSystem access Where: From remote Solution Status: Vendor Patch 1) An […]

The SANs Diary for Wednesday has a good article on log aggregators. While I have included the original content below, the article is at http://isc.sans.org/diary.html?storyid=7351 (incase something is added later) Often times, if hackers or worms break into your computer, they will try to delete the logs on the local computer to help hide their […]

And if you do, heres a fix to address the lost home folder issue http://reviews.cnet.com/8301-13727_7-10356505-263.html? How to restore Lost home folder after logging in as guest in Snow Leopard Be aware that Snow Leopard seems to have a problem with how guest accounts are handled on systems that had them enabled before upgrading from Leopard. […]

Just ran across these – https://addons.mozilla.org/en-US/firefox/collection/redspin-web Specifically these are pretty handy. There are some tools that can test for Cross Site scripting and SQL injection. https://addons.mozilla.org/en-US/firefox/addon/6727?collection_uuid=0e892c37SQL Injection is an Upgrade from the old form free, it is a component to transform checkboxes, radio buttons, select elements to a input text and enable disabled elements from […]

There is a zero day vulnerability for Acrobat and Reader. As I understand it a patch is to be released on Tuesday, October 13. http://secunia.com/advisories/36983/Critical: Extremely criticalImpact: System accessWhere: From remoteSolution Status: Unpatched Description:A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a […]

http://isc.sans.org/diary.html?storyid=7276 Published: 2009-10-05, Microsoft has confirmed that thousands of Windows Live accounts have been compromised with their passwords posted online. Mainstream media such as the BBC are also carrying the story. Some information is posted here. Some does and don’ts: Do change your passwords on a regular basis (every six months or so) Do use […]